VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Exposure of System Data to an Unauthorized Control Sphere
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-24
CVE-2025-46421
A flaw was found in libsoup.
network
high complexity
CWE-497
6.8
6.8
2025-04-14
CVE-2022-43852
IBM Aspera Console 3.4.0 through 3.4.4 could disclose sensitive information in HTTP headers that could be used in further attacks against the system.
network
low complexity
CWE-497
5.3
5.3
2025-04-07
CVE-2024-45549
Information disclosure while creating MQ channels.
local
low complexity
CWE-497
7.7
7.7
2025-03-10
CVE-2024-52905
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database information to a privileged user.
network
low complexity
CWE-497
2.7
2.7
2025-01-27
CVE-2024-37526
IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism.
network
low complexity
CWE-497
6.5
6.5
2025-01-24
CVE-2024-40706
Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.
network
low complexity
ibm
CWE-497
4.3
4.3
2025-01-07
CVE-2024-45640
IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system.
network
low complexity
CWE-497
5.3
5.3
2025-01-07
CVE-2024-52367
Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Concert Software
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system.
network
low complexity
ibm
CWE-497
7.5
7.5
2024-12-11
CVE-2023-23472
Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.
network
low complexity
ibm
CWE-497
6.5
6.5
2024-12-03
CVE-2024-25035
Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker to obtain information of the application environment to conduct further attacks.
network
low complexity
ibm
CWE-497
5.3
5.3
«
1
(current)
2
»
Next